search

SecurityFTW / cs-suite

Cloud Security Suite - One stop tool for auditing the security posture of AWS/GCP/Azure infrastructure.
GNU General Public License v3.0
1.13k stars 217 forks source link

Tool doesn't work #18

Open Sleeptime17 opened 5 years ago

Sleeptime17 commented 5 years ago

I set up a new GCP Debian instance, apt installed git, python2.7, python-pip, gcc, and executed

git clone https://github.com/SecurityFTW/cs-suite.git
cd cs-suite/
sudo python setup.py

Finishing the process with blank answers to AWS credentials:

Please enter your AWS credetionals
AWS Access Key ID [None]:
AWS Secret Access Key [None]:
Default region name [None]:
Default output format [None]:

(by the way, credetionals != credentials)

I wanted a GCP scan, and went by the readme's "To run GCP Audit - python cs.py -env gcp -pId "

This is my output (censored):


test@gcp-scan:~/cs-suite$ python cs.py -env gcp -pId CENSOREDPROJ
Starting GCP Audit
/usr/local/lib/python2.7/dist-packages/oauth2client/_helpers.py:255: UserWarning                                                                                                                                                             : Cannot access creds.data: No such file or directory
  warnings.warn(_MISSING_FILE_MESSAGE.format(filename))
Traceback (most recent call last):
  File "gscout.py", line 63, in <module>
    list_projects(sys.argv[1],sys.argv[2])
  File "gscout.py", line 34, in list_projects
    response = request.execute()
  File "/usr/local/lib/python2.7/dist-packages/oauth2client/_helpers.py", line 1                                                                                                                                                             33, in positional_wrapper
    return wrapped(*args, **kwargs)
  File "/usr/local/lib/python2.7/dist-packages/googleapiclient/http.py", line 83                                                                                                                                                             8, in execute
    raise HttpError(resp, content, uri=self.uri)
googleapiclient.errors.HttpError: <HttpError 403 when requesting https://cloudre                                                                                                                                                             sourcemanager.googleapis.com/v1/projects?filter=name%3ACENSOREDPROJ&alt=json                                                                                                                                                              returned "Request had insufficient authentication scopes.">

This is basically a fresh Linux machine and the tool fails, are there missing setup steps in the guide, am I missing steps?

shivankar-madaan commented 5 years ago

Hi I will surely check this as well from my end. Thanks for reporting Could you verify once, if possible that you followed these steps https://github.com/SecurityFTW/cs-suite/tree/master/tools/G-Scout

Sleeptime17 commented 5 years ago

The G-Scout steps? No, only partially when I tried to play around with it after cs-suite didn't work. I assumed cs-suite wraps the setup for G-Scout, and followed only the intructions in the main readme.

On Sun, 26 Aug 2018 at 11:21, shivankar-madaan notifications@github.com wrote:

Hi I will surely check this as well from my end. Thanks for reporting Could you verify once, if possible that you followed these steps https://github.com/SecurityFTW/cs-suite/tree/master/tools/G-Scout

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/SecurityFTW/cs-suite/issues/18#issuecomment-416022353, or mute the thread https://github.com/notifications/unsubscribe-auth/Af06mGQBjoIq6CakL7hjK2Y3NcCq-408ks5uUlp3gaJpZM4WJfiD .

shivankar-madaan commented 5 years ago

we haven't wrapped up the setup for G-Scout, being dead honest. I will add the wrap steps for this in the coming future.

Sleeptime17 commented 5 years ago

Alright, meanwhile I'll set that up separately :)

On Sun, Aug 26, 2018, 11:33 shivankar-madaan notifications@github.com wrote:

we haven't wrapped up the setup for G-Scout, being dead honest. I will add the wrap steps for this in the coming future.

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/SecurityFTW/cs-suite/issues/18#issuecomment-416022929, or mute the thread https://github.com/notifications/unsubscribe-auth/Af06mDEsocQaDWEJU42VFTkvou_4gCr-ks5uUl1LgaJpZM4WJfiD .